Important: Red Hat Security Advisory: zero trust workload identity manager for Red Hat OpenShift 1.0.1

zero trust workload identity manager for Red Hat OpenShift 1.0.1 The Zero Trust Workload Identity Manager ZTWIM is a day-2 operator. The operator manages lifecycle of operand components from SPIRE project. The goal of ZTWIM is to provide secure, verifiable workload identities for workloads in...

Important: Red Hat Security Advisory: zero trust workload identity manager for Red Hat OpenShift 1.0.1

zero trust workload identity manager for Red Hat OpenShift 1.0.1 The Zero Trust Workload Identity Manager ZTWIM is a day-2 operator. The operator manages lifecycle of operand components from SPIRE project. The goal of ZTWIM is to provide secure, verifiable workload identities for workloads in...

Important: Red Hat Security Advisory: zero trust workload identity manager for Red Hat OpenShift 1.0.1

zero trust workload identity manager for Red Hat OpenShift 1.0.1 The Zero Trust Workload Identity Manager ZTWIM is a day-2 operator. The operator manages lifecycle of operand components from SPIRE project. The goal of ZTWIM is to provide secure, verifiable workload identities for workloads in...

Important: Red Hat Security Advisory: zero trust workload identity manager for Red Hat OpenShift 1.0.1

zero trust workload identity manager for Red Hat OpenShift 1.0.1 The Zero Trust Workload Identity Manager ZTWIM is a day-2 operator. The operator manages lifecycle of operand components from SPIRE project. The goal of ZTWIM is to provide secure, verifiable workload identities for workloads in...

CVE-2026-41889 vulnerabilities

Vulnerabilities for packages: sqlexporter, rke2-runtime-fips, flyte, goose, openbao-fips, hydra, hydra-fips, juicefs, kine, azure-service-operator, authentik, spire-server-fips, pgwatch, sftpgo-plugin-eventsearch, spqr, timescaledb-parallel-copy, gitlab-cng-fips, rke2-runtime, seaweedfs,...

CVE-2026-7315

A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function getpdfpath of the file src/spirepdfmcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The exploi...

CVE-2026-7314

A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...

CVE-2026-7315

The CVE affects eiceblue spire-pdf-mcp-server v0.1.1 (PDF File Handler, get_pdf_path). A flaw allows path traversal via a manipulated filepath, enabling a remote attack. Exploit has been published; the project was informed early via an issue but has not responded. No remediation or patch version ...

CVE-2026-7315

A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function getpdfpath of the file src/spirepdfmcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The exploi...

CVE-2026-7315 eiceblue spire-pdf-mcp-server PDF File server.py get_pdf_path path traversal

A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function getpdfpath of the file src/spirepdfmcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The exploi...

CVE-2026-7314

A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...

CVE-2026-7314

The CVE-2026-7314 vulnerability affects eiceblue spire-doc-mcp-server 1.0.0. It targets the function get_doc_path in src/spire_doc_mcp/api/base.py, where manipulating the document_name argument enables path traversal. The issue can be exploited remotely; the public exploit is available, and the p...

CVE-2026-7314 eiceblue spire-doc-mcp-server base.py get_doc_path path traversal

A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...

CVE-2026-7314 eiceblue spire-doc-mcp-server base.py get_doc_path path traversal

A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...

EUVD-2026-26151

A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...

Spire.Doc MCP Server 路径遍历漏洞

Spire.Doc MCP Server is a tool provided by E-iceblue Product Family for individual developers, allowing them to work with Word documents without using Microsoft Word. Version 1.0.0 of Spire.Doc MCP Server contains a path traversal vulnerability. This vulnerability arises from the operation of the...

Spire.Doc MCP Server 路径遍历漏洞

Spire.Doc MCP Server is a tool provided by E-iceblue Product Family for individual developers, allowing them to work with Word documents without the need for Microsoft Word. Version 0.1.1 of Spire.Doc MCP Server contains a path traversal vulnerability. This vulnerability stems from the getpdfpath...

PT-2026-35828

A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function get pdf path of the file src/spire pdf mcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The...

PT-2026-35827

A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function get doc path of the file src/spire doc mcp/api/base.py. Performing a manipulation of the argument document name results in path traversal. The attack can be initiated remotely. The exploit is now public...

GHSA-HFVC-G4FC-PQHX vulnerabilities

Vulnerabilities for packages: vcluster, cloudflared, rancher-agent, restic, velero, flux-kustomize-controller, falcosidekick, witness, cloud-provider-gcp-cloud-controller-manager, terragrunt, splunk-otel-collector, cluster-autoscaler, kots, prometheus-adapter, xeol, cerbos,...